|
|
| Croatia
Information systems – advantage or threat?International week of information security just ended in Zagreb. More than twenty top security experts from ten different countries, under the leadership of John Sherwood and Jorge Sebastiao, demonstrated the most modern approaches to securing information as key factors to doing business in modern companies, governmental bodies and public institutions. Around two hundred people from the central European region participated on this event. Participants were mostly from the banking and telecommunications sector, advanced industires and governmental bodies. Incident hiding Jorge Sebastiao, top expert in business continuity with practical experience from the regions in turmoil, such as Persian gulf, demonstrated in his workshops and presentations how a very small incident in information system can destroy organizations and individuals, as well as damage the overall economy. Breach in information systems, human mistake, technology malfunction...all of them are reasons for loss of confidential information, such as bank accounts, health insurance information, corporate or state secrets. It is in interest of corporations that experienced such events not to go into public with such information. To cover the loss is more affordable than the loss of confidence of clients. Hacking for public British expert for IT forensics, Andrew Sheldon, demonstrated to participants during the coffee break the general internet insecurity in the world, by completely taking control over security cameras connected to internet. Some of the cameras belonged to supervisory systems, such as data centers, offices, public building entrances, etc. Proactive approach Organizer of this event, company S&T, demonstrated that approach to security is based on management and risk assessment. Such approach is considered in the world as efficient and is a basis for all world norms and guidance related to this area, such as ISO 27001/ISO17799, Basel II, SOX and other. Croatian National Bank, as well as other regional central banks, guided by such principles, released a guideline for management of operational risk of information systems that should increase a security of domestic banks, that almost completely depend on its own information systems. Only with knowledge to security “Understanding of exposure to threat is the first and foremost step to security”, stated Stanko Cerin, president of the organizing committee of InfoSecWeek, and added: “Company management aware of dependence on information and systems that store and manipulate data will educate its employees in this field, while part of its income will transfer into investment for security of its future.” Significant increase of interest for workshops held during the week of information security surely presents a positive trend in the entire central European region. |
|
